Bypass firewalls using ssh



Ever wanted to access a service behind a firewall that has port 22 open for ssh connections? This is a common setup known as using a jump-box for security access and to be successful at this we your firewall must allow port 22 traffic to your ssh jump-box. We can test our if port 22 is open by typing the following line.

telnet ssh-jump-box 22

If all is good then we should see something like
Trying 192.168.1.200...
Connected to ssh-jump-box.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2

In this example we’re going to create a tunnel for port 3389 windows rdekstop and we’ll begin by creating a local loopback port 3390 that ssh will tunnel from myMachine to myFireWalledMachine on port 3389

ssh -L 3390:server-behindFirewall:3389 user@ssh-jumpbox -N

Now we can access the service on port 3389 that was previously inaccessible through the firewall by pointing our connection to the local loopback port we just created through ssh. In this case we\’ll use rdesktop to hit that port as we are trying to remote desktop to a firewalled machine.

rdesktop localhost:3390


Digg Google Bookmarks reddit Mixx StumbleUpon Technorati Yahoo! Buzz DesignFloat Delicious BlinkList Furl
Labels: , , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • block consecutive IP address using scripts
    How to block long list of consecutive IP address? How to call linux route command inside a script? How to block consecutive IP address usi...
  • What is MooLux
    MooLux is a Live USB Linux distribution based on Slackware that utilizes the KDE desktop environment. MooLux is a portable operating sys...
  • Download MooLux
    MooLux is available as zip format. Extract the file to your USB Disk, run a command, boot your computer with first boot to USB Disk. You mi...
  • Encrypt Filesystems
    If you are using modules you need to load these first: modprobe loop;modprobe cryptoloop;modprobe cipher-aes Basically you: losetup -e ...
  • Block Yahoo Messenger, AOL, MSN and ICQ using IPTABLES
    If you’re a network administrator and you’re using Linux on your servers, you can stop the rest of the users from using IM applications by b...
  • du - the disk usage linux command
    du stands for disk usage. This simple linux command provides a summary of harddisk or storage space disk usage. It has many parameter argume...
  • Develop website using bluefish
    Linux is at the forefront of web development. Recently, I've been developing web applications using frameworks, and Linux in general mak...
  • Setting the PATH in linux
    This article explains how set your PATH variable under Linux. This has the same use as that of setting the PATH variable under DOS. Under Li...
  • USB MooLux Live Install from Windows
    source: http://www.pendrivelinux.com/usb-moolux-install-from-windows/ The following tutorial covers the process of installing MooLux Linux...
  • Documentations
    Boot from usbdisk - Download file moolux-5.4.zip - uncompress moolux.5.4.zip to USB Disk - cd to /boot directory in USB disk - execute ...